mirror
/
hometown
mirror of https://github.com/hometown-fork/hometown.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

disable legacy XSS filtering (#17289) 

Browsers are phasing out X-XSS-Protection, but Safari and IE still support it.
Wonderfall 4 years ago committed by Claire
parent
d7adbf5a63
commit
b99c58b6fe
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      config/environments/production.rb

2
config/environments/production.rb
Unescape View File

@ -108,7 +108,7 @@ Rails.application.configure do
'Server' => 'Mastodon',
'X-Frame-Options' => 'DENY',
'X-Content-Type-Options' => 'nosniff',
'X-XSS-Protection' => '1; mode=block',
'X-XSS-Protection' => '0',
}
config.x.otp_secret = ENV.fetch('OTP_SECRET')

Write Preview
Loading…
Cancel
Save